CVE-2003-0907

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 01/06/2004 Updated: 13/02/2024

CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9

VMScore: 454

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P

Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote malicious users to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft windows xp -
microsoft windows server 2003 -

CWE-88 http://www.us-cert.gov/cas/techalerts/TA04-104A.html http://www.kb.cert.org/vuls/id/260588 http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020065.html http://www.ciac.org/ciac/bulletins/o-114.shtml http://www.securityfocus.com/bid/10119 http://www.idefense.com/application/poi/display?id=100&type=vulnerabilities http://marc.info/?l=bugtraq&m=108196864221676&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/15704 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A904 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1000 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/260588

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0907

Vulnerability Summary

References

Vulmon Search

About

Products

Connect